Family: CGI abuses --> Category: infos
phpBB <= 2.0.17 Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for multiple vulnerabilities in phpBB <= 2.0.17
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP application that is affected by
The remote host is running a version of phpBB that, if using PHP 5
with 'register_globals' enabled, fails to properly deregister global
variables as well as to initialize several variables in various
scripts. A possible hacker may be able to exploit these issues to execute
arbitrary code or to conduct SQL injection and cross-site scripting
See also :
Upgrade to phpBB version 2.0.18 or later.
High / CVSS Base Score : 7.0
Click HERE for more information and discussions on this network vulnerability scan.